CVE-2006-1417

Sažetak

Multiple cross-site scripting (XSS) vulnerabilities in Caloris Planitia Online Quiz System (aka Web Quiz pro), possibly 1.0, allow remote attackers to inject arbitrary web script or HTML via the (1) exam parameter in prequiz.asp or (2) msg parameter in student.asp.

Reference

http://pridels0.blogspot.com/2006/03/web-quiz-pro-xss-vuln.html
http://secunia.com/advisories/19416
http://www.osvdb.org/24129
http://www.osvdb.org/24130
http://www.securityfocus.com/bid/17255
http://www.vupen.com/english/advisories/2006/1091
https://exchange.xforce.ibmcloud.com/vulnerabilities/25431

CVSS

Base:	4.3
Impact:	2.9
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:N/AC:M/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

20-07-2017 - 01:30

Objavljeno

28-03-2006 - 20:02